Enormous Yahoo Data Breach with Usernames, Passwords, Dates of Birth

Share the knowledge

The BBC is reporting that there seems to have been a massive data breach of 200 million Yahoo accounts, with the data – which appears to be from 2012 – being offered for sale for 3 bitcoins ($1805 USD).

According to the BBC article, from a sample of 5000 of the 200 million account credentials being offered for sale by the hacker, who goes by the name of “Peace” and who has also been tied to massive hacks of LinkedIn and MySpace, Motherboard tested a sample of about two dozen and found them to be legitimate, meaning that they were real accounts, and the credentials worked to log into them.

In a statement, Yahoo said that “Yahoo works hard to keep our users safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.”

However, while the passwords are hashed, Peace has also published the algorithm used to hash the passwords. So, even if you have “created strong passwords” there’s no guarantee that your data will be protected from this sort of breach.

As security expert Professor Alan Woodward points out in the BBC article, “The algorithm MD5 is considered to be weak, and for the vast majority of passwords it is easy to reverse what it was using what we call a dictionary attack.”

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

So, if you have a Yahoo account, it’s time to go change your password. Or, to close it.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

One thought on “Enormous Yahoo Data Breach with Usernames, Passwords, Dates of Birth

  1. I don’t know if it helps my security but I never bank online and I try not to hand out my cc number any more than absolutely necessary.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.